senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/veza-backend-api/internal
History
senke 3cfefaa24c [BE-SEC-012] be-sec: Implement API key authentication for webhooks 
- Added APIKey field to Webhook model with unique index
- Implemented GenerateAPIKey() method using crypto/rand for secure key generation
- Implemented ValidateAPIKey() method to authenticate webhook requests
- Implemented RegenerateAPIKey() method to rotate API keys
- Created WebhookAPIKeyMiddleware for validating API keys in requests
- Middleware supports X-API-Key header and Authorization: Bearer format
- Added endpoint POST /api/v1/webhooks/:id/regenerate-key
- API keys are prefixed with 'whk_' for identification
- Comprehensive unit tests for all API key functionality
- Inactive webhooks cannot authenticate with their API keys

Phase: PHASE-4
Priority: P2
Progress: 119/267 (44.57%)
2025-12-24 18:03:52 +01:00
..
api [BE-SEC-012] be-sec: Implement API key authentication for webhooks 2025-12-24 18:03:52 +01:00
common refonte: backend-api go first; phase 1 2025-12-12 21:34:34 -05:00
config [BE-SVC-015] be-svc: Implement logging aggregation 2025-12-24 16:58:58 +01:00
core [BE-SVC-001] be-svc: Implement caching layer for frequently accessed data 2025-12-24 16:02:16 +01:00
database [BE-DB-018] be-db: Add database performance monitoring 2025-12-24 15:58:48 +01:00
dto [BE-API-001] api: Implement 2FA endpoints (setup, verify, disable) 2025-12-23 01:40:28 +01:00
email STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
errors refactor(marketplace): enforce unified api response envelope 2025-12-06 17:39:04 +01:00
eventbus adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
features adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
handlers [BE-SEC-012] be-sec: Implement API key authentication for webhooks 2025-12-24 18:03:52 +01:00
infrastructure STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
interfaces adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
jobs STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
logging [BE-SVC-015] be-svc: Implement logging aggregation 2025-12-24 16:58:58 +01:00
metrics [BE-DB-018] be-db: Add database performance monitoring 2025-12-24 15:58:48 +01:00
middleware [BE-SEC-012] be-sec: Implement API key authentication for webhooks 2025-12-24 18:03:52 +01:00
models [BE-SEC-012] be-sec: Implement API key authentication for webhooks 2025-12-24 18:03:52 +01:00
monitoring stabilizing veza-backend-api: P1 & P2 2025-12-16 13:34:08 -05:00
recovery [BE-SVC-022] be-svc: Implement data export service 2025-12-24 18:01:00 +01:00
repositories [BE-DB-003] be-db: Add soft delete support to all models 2025-12-24 15:07:25 +01:00
repository adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
response stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
security adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
services [BE-SEC-012] be-sec: Implement API key authentication for webhooks 2025-12-24 18:03:52 +01:00
shutdown [BE-SVC-017] be-svc: Implement graceful shutdown 2025-12-24 17:03:11 +01:00
testutils stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
tracing [BE-SVC-018] be-svc: Implement request tracing 2025-12-24 17:05:32 +01:00
types adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
utils [BE-SEC-009] be-sec: Implement input sanitization 2025-12-24 12:15:25 +01:00
validators [BE-SVC-020] be-svc: Implement request validation improvements 2025-12-24 17:09:54 +01:00
workers stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00